Shibboleth SSO Setup
This article outlines how to setup SSO using Shibboleth.
If you are using Shibboleth as your Identity Provider, you will need the following attributes:
Login URL:
- If you are using the Legacy HackEDU Platform you will use this: https://app.hackedu.com/login?domain=example.com
- If you are setting up SSO for my.securityjourney.com you will use this: https://my.securityjourney.com/?domain=custommerdomain.co
Entity Id: urn:amazon:cognito:sp:us-east-1_CHi5tsM8X
SAML POST endpoint: https://auth.hackedu.com/saml2/idpresponse
You will also need the following metadata file:
<?xml version="1.0"?>
<md:EntityDescriptor entityID="urn:amazon:cognito:sp:us-east-1_CHi5tsM8X" xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata">
<md:SPSSODescriptor AuthnRequestsSigned="false" WantAssertionsSigned="true" protocolSupportEnumeration="urn:oasis:names:tc:SAML:2.0:protocol">
<md:KeyDescriptor use="signing">
<KeyInfo xmlns="http://www.w3.org/2000/09/xmldsig#">
<X509Data>
<X509Certificate>MIICvDCCAaSgAwIBAgIIF7E0eYsy6vowDQYJKoZIhvcNAQELBQAwHjEcMBoGA1UEAwwTdXMtZWFzdC0xX0NIaTV0c004WDAeFw0yMDAyMTExNzAzNTJaFw0zMDAyMTExNzAzNTJaMB4xHDAaBgNVBAMME3VzLWVhc3QtMV9DSGk1dHNNOFgwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCZjreEolViBOYRCxE5SaNHLk0EbSQ3ndVXrhtqmF5fG84JP8hQmAIdCBBtDu44vhyzv1a/a53w4CiccYw8D79rV9gX46vX4/hdqVTgXD/BEtWJwlkUZrgT3vXcXPj3Je83nbtEzxeijvRNU+YDxIw7IzEtZNi7oxoL63YSfnsTe5BNwaZ4nLH5DpwESxAk8nflp2IQIfLOOXWQncBHOeTpOKI5dZfF/8WYLk5if785dPKCjQyTihgyMzcKERhq2mDm9vjzuLHKp05dgQ8eH30oXd1fKfVbDM730VWSKfrNbMktAnsJs9qCehczk5mGnRps+H3ERkkeRyh8yQacuY2rAgMBAAEwDQYJKoZIhvcNAQELBQADggEBAJA0IHi2RlFmLOzVfQ9AjF0n1G9lJ4HHXmdj+3DdXTE7bt8I1Gdb+Rcd7O+TXX+0COYGGuRBpeG+yW/BH5lU78Rccr+QhpQuLmU5C9tzpViSO0/Y3PpxOeAbKQnC1BRj25Ycra+iFMpaTeu/M+s+cXRfJ1dVqnzn5ncrvseOziP9IRhSvBbiv4CVi7Im4cqBpY17CtbFeE0RY9IC2YAjNDKqSNqlfB+Zr44JgoXMlxfpIElwdNmXSYt7qTMKhSDBdfNTEatIbmeHAFeIi0xx1UofRPHGSdaB2PdwSVpjyP0a9tUgJ1vC+zwKq+FsCcqlj4USztKuE9gIX3zK69ucch8=</X509Certificate>
</X509Data>
</KeyInfo>
</md:KeyDescriptor>
<md:NameIDFormat>urn:oasis:names:tc:SAML:2.0:nameid-format:persistent</md:NameIDFormat>
<md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://auth.hackedu.com/saml2/idpresponse" index="1"/>
</md:SPSSODescriptor>
<md:Organization>
<md:OrganizationName xml:lang="en-US">HackEDU, Inc.</md:OrganizationName>
<md:OrganizationDisplayName xml:lang="en-US">HackEDU</md:OrganizationDisplayName>
<md:OrganizationURL xml:lang="en-US">https://hackedu.com</md:OrganizationURL>
</md:Organization>
<md:ContactPerson contactType="technical">
<md:GivenName>Support</md:GivenName>
<md:EmailAddress>support@hackedu.com</md:EmailAddress>
</md:ContactPerson>
<md:ContactPerson contactType="support">
<md:GivenName>Support</md:GivenName>
<md:EmailAddress>support@hackedu.com</md:EmailAddress>
</md:ContactPerson>
</md:EntityDescriptor>
Syncing Learner Attributes
We do support mapping additional learner attributes. For more information on what fields we support and configuration details check out this article.
Upload Metadata File
You can upload your metadata by navigating to Admin > Settings > SSO.